European mobile traffic mysteriously routed through China for two hours

Any unencrypted data could have been viewed or even edited by malicious actors

Anthony Cuthbertson
Tuesday 11 June 2019 16:52 BST
China rerouted mobile traffic from several European networks

European internet traffic was mysteriously forced through Chinese servers for around two hours last week, prompting some mobile phone users to report slow speeds.

Traffic from some of the continent's largest mobile phone networks, including Swisscom of Switzerland, KPN of Holland, and Bouygues Telecom and Numericable-SFR of France, passed through network infrastructure belonging to state-owned China Telecom – one of the country's largest internet providers.

The incident resulted in approximately 70,000 internet routes coming out of Europe being compromised, according to Doug Madory, a security analyst at US software firm Oracle, who first reported on the incident.

This data rerouting affected an estimated 368 million IP addresses in Europe. It would mean that any unencrypted data could have been viewed and possibly edited by malicious actors.

Known as a Border Gateway Protocol (BGP) route leak, the incident displayed similar patterns to previous data rerouting attacks by China Telecom, although it is unclear if it was a result of deliberate hacking.

Mr Madory said in a blog post detailing the event that the scale of the rerouting meant it was unlikely to be the result of a simple network error.

“Often routing incidents like this only last for a few minutes, but in this case many of the leaked routes in this incident were in circulation for over two hours,” he wrote. “In addition, numerous leaked routes were more-specifics of routed prefixes, suggesting the use of route optimisers or similar technology.”


A similar rerouting of traffic through China Telecom servers took place in April 2010, when roughly 15 per cent of all internet traffic around the world passed through their systems.

“Today’s incident shows that the internet has not yet eradicated the problem of BGP route leaks,” Mr Madory’s post concluded. “It also reveals that China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur.”
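The more-specific routes mentioned above matter because routers prefer the longest matching prefix, so a leaked more-specific attracts traffic even while the legitimate covering route is still announced. The sketch below is an added example, not taken from the article or from the Oracle post, of how a network operator could flag such announcements for its own prefixes; every prefix and AS number in it is a constructed documentation value, and `EXPECTED`, `UNEXPECTED_TRANSIT` and `UPDATES` are hypothetical names.

```python
import ipaddress

# Constructed baseline: prefixes we originate and the origin AS we expect.
# Documentation prefixes and documentation AS numbers only (assumptions).
EXPECTED = {
    "198.51.100.0/24": 64496,
    "2001:db8::/32": 64497,
}
# Hypothetical AS that should never carry these prefixes as transit.
UNEXPECTED_TRANSIT = {64511}

# Constructed BGP announcements: (prefix, AS path ending at the origin AS).
UPDATES = [
    ("198.51.100.0/24", [64500, 64496]),                   # normal route
    ("198.51.100.128/25", [64500, 64511, 64505, 64496]),   # leaked more-specific
    ("2001:db8:1::/48", [64500, 64499]),                   # more-specific, wrong origin
    ("203.0.113.0/24", [64500, 64501]),                    # not one of our prefixes
]

def classify(prefix, as_path, expected=EXPECTED, bad_transit=UNEXPECTED_TRANSIT):
    """Return the findings for one announcement (empty list if it looks normal)."""
    net = ipaddress.ip_network(prefix)
    findings = []
    for base, origin in expected.items():
        base_net = ipaddress.ip_network(base)
        # subnet_of() raises TypeError on mixed IPv4/IPv6, so compare versions first.
        if net.version != base_net.version or not net.subnet_of(base_net):
            continue
        if net.prefixlen > base_net.prefixlen:
            findings.append("more-specific of " + base)
        if as_path[-1] != origin:
            findings.append("unexpected origin AS%d" % as_path[-1])
        for asn in sorted(bad_transit.intersection(as_path[:-1])):
            findings.append("unexpected transit AS%d" % asn)
    return findings

def scan(updates):
    """Map each suspicious prefix to its findings; normal routes are omitted."""
    return {p: f for p, path in updates if (f := classify(p, path))}

if __name__ == "__main__":
    for prefix, findings in scan(UPDATES).items():
        print(prefix, "->", "; ".join(findings))
```
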
